diff --git a/Bugfix-for-CVE-2024-31744.patch b/Bugfix-for-CVE-2024-31744.patch deleted file mode 100644 index e5f1827b70c1baee575ec2d1a3c06c4bea737a9b..0000000000000000000000000000000000000000 --- a/Bugfix-for-CVE-2024-31744.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 3ae57e936a335ef809ba5579cc3d9e0cc3c80534 Mon Sep 17 00:00:00 2001 -From: rpm-build -Date: Tue, 10 Sep 2024 14:25:07 +0800 -Subject: [PATCH] Bugfix for CVE-2024-31744 - ---- - src/libjasper/jpc/jpc_dec.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/src/libjasper/jpc/jpc_dec.c b/src/libjasper/jpc/jpc_dec.c -index e76aa40..a0390fa 100644 ---- a/src/libjasper/jpc/jpc_dec.c -+++ b/src/libjasper/jpc/jpc_dec.c -@@ -611,7 +611,9 @@ static int jpc_dec_process_sod(jpc_dec_t *dec, jpc_ms_t *ms) - if (dec->pkthdrstreams) { - /* Get the stream containing the packet header data for this - tile-part. */ -- if (!(tile->pkthdrstream = jpc_streamlist_remove(dec->pkthdrstreams, 0))) { -+ if (jpc_streamlist_numstreams(dec->pkthdrstreams) != 0 && -+ !(tile->pkthdrstream = jpc_streamlist_remove(dec->pkthdrstreams, -+ 0))) { - return -1; - } - } --- -2.27.0 - diff --git a/jasper-3.0.0-rpath.patch b/jasper-4.1.0-rpath.patch similarity index 61% rename from jasper-3.0.0-rpath.patch rename to jasper-4.1.0-rpath.patch index 7b0ce4d8fabc94c76246656869b61e73859856ac..b6b470045a45b077ccfc688ad096b0642ef75389 100644 --- a/jasper-3.0.0-rpath.patch +++ b/jasper-4.1.0-rpath.patch @@ -1,7 +1,7 @@ -diff -urNp old/CMakeLists.txt new/CMakeLists.txt ---- old/CMakeLists.txt 2022-01-31 10:40:07.521527316 +0100 -+++ new/CMakeLists.txt 2022-01-31 10:41:00.960876005 +0100 -@@ -606,7 +606,7 @@ if(JAS_ENABLE_SHARED) +diff -urNp a/CMakeLists.txt b/CMakeLists.txt +--- a/CMakeLists.txt 2023-11-08 10:45:01.610146140 +0100 ++++ b/CMakeLists.txt 2023-11-08 10:46:18.131824994 +0100 +@@ -804,7 +804,7 @@ if(JAS_ENABLE_SHARED) # (but later on when installing) set(CMAKE_BUILD_WITH_INSTALL_RPATH FALSE) diff --git a/jasper.spec b/jasper.spec index dd74d9cc9316cf7ce44d7ee770831cf28e981b91..111ff68fade361d3e5b49ccf39fc3b469fc576e8 100644 --- a/jasper.spec +++ b/jasper.spec @@ -1,20 +1,17 @@ -%define anolis_release 3 +%define anolis_release 1 Summary: Implementation of the JPEG-2000 standard, Part 1 Name: jasper -Version: 4.0.0 +Version: 4.1.0 Release: %{anolis_release}%{?dist} License: JasPer URL: http://www.ece.uvic.ca/~frodo/jasper/ -Source0: https://github.com/jasper-software/jasper/releases/download/version-%{version}/%{name}-%{version}.tar.gz +Source0: https://github.com/jasper-software/%{name}/archive/refs/tags/version-%{version}.tar.gz # skip hard-coded prefix/lib rpath -Patch1: jasper-3.0.0-rpath.patch +Patch1: jasper-4.1.0-rpath.patch Patch2: 0001-CVE-2023-51257.patch -# CVE-2024-31744 -# Upstream fix: https://github.com/jasper-software/jasper/commit/6d084c53a77762f41bb5310713a5f1872fef55f5 -Patch3: Bugfix-for-CVE-2024-31744.patch # autoreconf BuildRequires: cmake @@ -68,7 +65,7 @@ Requires: %{name}-libs = %{version}-%{release} %prep -%autosetup -n %{name}-%{version} -p1 -S git +%autosetup -n %{name}-version-%{version} -p1 -S git %build %cmake \ @@ -108,6 +105,10 @@ Requires: %{name}-libs = %{version}-%{release} %{_mandir}/man1/jiv.1* %changelog +* Fri Feb 28 2025 Xiaoping Liu - 4.1.0-1 +- update to 4.1.0 from 4.0.0 +- Remove the patch because it does not affect the current version + * Tue Sep 10 2024 lidongyue - 4.0.0-3 - CVE-2024-31744 diff --git a/jasper-4.0.0.tar.gz b/version-4.1.0.tar.gz similarity index 55% rename from jasper-4.0.0.tar.gz rename to version-4.1.0.tar.gz index f9ba629706a3ed704c5b59072c00d27a3e32f09c..2e7dc41344447630c5a271004915557ff2c5b083 100644 Binary files a/jasper-4.0.0.tar.gz and b/version-4.1.0.tar.gz differ